Phishing Scam Wants You to Read Latest News

A number of CEPP faculty and staff have received a note from news@udel.edu requesting that they click a link to read the latest UD news. It is signed, “Regards, The University of Delaware.” This is a phishing scam. A closer look at the link provided in the note reveals that it will take you to a non-UD site. This is a sign not to click! Please delete the message.

If you have any questions, write to oet-help@udel.edu.

My Computer is Infected, Now What?

It happens in a blink of an eye–if you click on a link, attachment, or file that downloads an exploit–your computer is infected! Some signs that a computer is infected include a browser home page that you did not select, sudden slowness, unexplained hard drive activity, or the inability of your computer to access the network. If you notice any of these symptoms, contact OET immediately, and disconnect your computer from the network by unplugging the Ethernet cable or disabling the wireless adapter.

To get your computer back on track, OET will run antivirus and anti-malware software to determine if an infection exists. We also will search the hard drive for personal nonpublic information (PNPI). If no PNPI exists, we will either clean your hard drive or, more likely, reformat it. If we reformat your drive, we will back up your files, wipe you current hard drive of all information, and restore your applications and files. This procedure usually takes a day or less. If PNPI exists on the hard drive, we will contact IT to determine if any further action is necessary. During this more extensive investigation by IT, expect not to be able to access your computer for several days.

To insure that your computer is exploit-free and always up and running, keep virus protection up to date, apply operating system and application updates, avoid clicking on links or attachments that you were not expecting to receive, and follow IT’s guidelines for storing PNPI.

Phishing Scam Wants You to Read Urgent UD News

Some OET clients have received a phishing e-mail from news@udel.edu that requests that they click on a link and enter in their UDNet ID and password to read urgent UD news. Upon examination of the link, it will take anyone who clicks on it to a site outside of the University of Delaware. Delete this message if you receive it and do not click on the link. It is a scam to obtain your UD login credentials.

Beware fake antivirus messages

The latest fashion in software that will infect your computer is a notice that your computer is already infected and that you need to download antivirus or anti-malware software to clean the infection.  One particularly virulent attack calls itself WinAntivirus 2009 and sports the official Microsoft Security Center logo. It pops up full-screen, and the ONLY way to protect yourself from infection is to turn your computer off immediately, since any click anywhere on the screen will download the attacking software. Call OET (8162) and don’t turn the computer on till we get there!

These programs are not just an annoyance: many of them will bury themselves deep in your operating system, steal personal information like passwords, and beam the information back to a central collecting point.  Almost all of them will use your computer as a launching pad to attack other networked computers. As always, the best advice is to think twice before you go to a website that looks at all suspicious, and NEVER click on a link in an e-mail unless you’re sure it’s taking you somewhere safe.

George Mulford

Danger From E-Mail Attachments

Recently, a new phishing e-mail purporting to be from UPS has been making the rounds on the internet.  The e-mail contains a virus that spreads through an attachment.  Never click on attachments in e-mail unless you are certain that the message is actually from the stated sender and that the sender intentionally attached the file to the e-mail for your use.  If you have any doubts at all, delete it.  As always, e-mail oet-help@udel.edu with any questions about suspicious e-mail messages.

Beware of Phishing Schemes

In the past few days, many CHEP clients have received a fraudulent phishing e-mail that requests your University of Delaware (UD) mail account password or UDelNet ID.  This is one of the latest phishing scams that spoof organizations, including UD, to request information such as passwords, credit card account numbers, social security numbers, and other personal, non-public information. 

If you suspect that you have received fraudulent e-mail, do not reply to it or click on any links within the message; delete it.  If you are unsure whether an e-mail is fraudulent, send a note to oet-help@udel.edu. The Office of Educational Technology and Information Technologies (IT), the central computing support organization at UD, will never ask for any information online to keep your accounts active. 

For more information on phishing schemes and how to protect yourself, see Information Technologies’ Phishing Alert;  Microsoft’s site on how to recognize phishing scams and fraudulent e-mail; and the Federal Trade Commission’s site on how to protect yourself against identity theft.  Also, check for news on the latest phishing scams at the University on UDaily.

Delete that Spam!

Several clients have recently received an e-mail message that requests that they verify their UDelNet ID, password, date of birth and country.  This e-mail is a phishing scam, unsolicited e-mail; the best thing to do is to delete the message. You will never be asked to verify your UDelNetID or password through e-mail.  As a matter of course, do not respond to any e-mail by sending your password or any other personal information such as credit card numbers.  Delete!